package com.boctech.yxt.authcenter.service;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.boctech.yxt.authcenter.entity.MyUserDetails;
import com.boctech.yxt.persistance.entity.SysApi;
import com.boctech.yxt.persistance.entity.SysMenu;
import com.boctech.yxt.persistance.entity.SysRole;
import com.boctech.yxt.persistance.entity.SysUser;
import com.boctech.yxt.persistance.mapper.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Service;

import javax.servlet.http.HttpServletRequest;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;


@Service(value = "myRBCAService")
public class MyRBCAService {

    @Autowired
    MySystemMapper systemMapper;

    @Autowired
    SysRoleMapper roleMapper;

    @Autowired
    SysMenuMapper menuMapper;

    @Autowired
    SysApiMapper apiMapper;

    public MyUserDetails selectUserDetailsByUserName(String username){
        SysUser sysUser = systemMapper.selectUserByUserName(username);
        if (sysUser == null){
            throw new UsernameNotFoundException("用户名不存在");
        }
        MyUserDetails userDetails = new MyUserDetails();
        userDetails.setUsername(sysUser.getUsername());
        userDetails.setPassword(sysUser.getPassword());
        userDetails.setEnabled(sysUser.getEnabled());
        return userDetails;
    }

    /**
     * 根据用户名获取其具有的权限
     * @param username
     * @return
     */
    public List<String> selectAuthoritiesByUserName(String username){
        // 将用户具有的角色加入权限
        List<Long> roleKeys = systemMapper.selectRoleKeysByUserName(username);
        List<SysRole> sysRoles = roleMapper.selectBatchIds(roleKeys);
        List<String> authorities = sysRoles.stream().map((sysRole -> "ROLE_" + sysRole.getRoleCode())).collect(Collectors.toList());

        // 将用户具有的菜单url加入权限
        List<Long> menuKeys = systemMapper.selectMenuKeysByRoleIds(roleKeys);
        List<SysMenu> menus = menuMapper.selectBatchIds(menuKeys);
        authorities.addAll(menus.stream().map(SysMenu::getUrl).collect(Collectors.toList()));

        // 将用户具有的Api权限加入权限
        List<Long> apiKeys = systemMapper.selectApiKeysByRoleIds(roleKeys);
        List<SysApi> apis = apiMapper.selectBatchIds(apiKeys);
        authorities.addAll(apis.stream().map(SysApi::getUrl).collect(Collectors.toList()));
        return authorities;
    }

    public boolean hasPermission(HttpServletRequest request, Authentication authentication){
        Object principal = authentication.getPrincipal();
        if (principal instanceof UserDetails){
            UserDetails userDetails = (UserDetails) principal;
            String uri = request.getRequestURI();
            SimpleGrantedAuthority authority = new SimpleGrantedAuthority(uri);
            Collection<? extends GrantedAuthority> authorities = userDetails.getAuthorities();
            return authorities.contains(authority);
        }
        return false;
    }
}
